This article will guide you through the installation and configuration steps of Chef Server/Workstation/Node on CentOS/RHEL 6.4.
The procedure in this tutorial was tested on:
| Component | Version |
|---|---|
| OS | CentOS 6.4 |
| Chef Server | 11.0.8 |
| Knife | 11.6.0 |
I) Prerequisite
- The host should have a fully configured hostname.
- A DNS entry for the host should be in place.
- The following packages are required:
# yum install -y wget curl
II) Chef Server Installation
- Go to http://www.opscode.com/chef/install.
- Click the Chef Server tab.
- Select the Operating system, Version, and Architecture.
- Select the version of Chef Server 11.x to download, and then click the link that appears to download the package.
- Install the downloaded package using the correct method for the operating system on which Chef Server 11.x will be installed.
# rpm -ivh https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-server-11.0.8-1.el6.x86_64.rpm
- Configure Chef Server 11.x by running the following command:
# chef-server-ctl reconfigure
The *chef-server-ctl* command will set up all of the required components, including Erchef, RabbitMQ, PostgreSQL, and all of the cookbooks that are used by chef to maintain Chef Server 11.x.
- Verify the hostname for the server by running the *hostname* command. The hostname for the server must be an FQDN.
# hostname
- Verify the installation of Chef Server 11.x by running the following command:
# chef-server-ctl test
Note: Try to stop apache before running this test.
- You can explore the Chef Server URL using your favorite browser:
# https://FQDN-OR-IP-OF-CHEF-SERVER
Note: Default UserName/Password is admin/p@ssw0rd1
- The *chef-server-ctl* command is used on the Chef Server system for management. It has built-in help (-h) that will display the various sub-commands.
II) Chef WorkStation Installation
- Run the following command that appears (for UNIX and Linux environments):
# curl -L https://www.opscode.com/chef/install.sh | bash
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
101 6790 101 6790 0 0 3826 0 0:00:01 0:00:01 --:--:-- 12190
Downloading Chef for el...
Installing Chef
warning: /tmp/tmp.KnyQTnqz/chef-.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
Preparing... ########################################### [100%]
1:chef ########################################### [100%]
Thank you for installing Chef!
- When the installation is finished enter the *chef-client* command to verify that the chef-client was installed:
# chef-client -v
Chef: 11.6.0
- Create the “.chef” directory
This directory (.chef) is used to store three important files:
- knife.rb
- ORGANIZATION-validator.pem
- USER.pem
a) Copy Cert Keys from Chef Server to your Workstation User Folder:
$ mkdir ~/.chef
$ scp root@chef-server:/etc/chef-server/admin.pem ~/.chef
$ scp root@chef-server:/etc/chef-server/chef-validator.pem ~/.chef
b) Now we will configure the Client setting using *knife* command.
$ knife configure -i
Overwrite /root/.chef/knife.rb? (Y/N) y
Please enter the chef server URL: [https://test.example.com:443] https://chef-server.example.com:443/
Please enter a name for the new user: [root] knife-user1
Please enter the existing admin name: [admin] Enter
Please enter the location of the existing admin's private key: [/etc/chef-server/admin.pem] ~/.chef/admin.pem
Please enter the validation clientname: [chef-validator]
Please enter the location of the validation key: [/etc/chef-server/chef-validator.pem] ~/.chef/chef-validator.pem
Please enter the path to a chef repository (or leave blank):
Creating initial API user...
Please enter a password for the new user:
Created user[knife-user1]
Configuration file written to /root/.chef/knife.rb
c) Your Knife config file (knife.rb) will look like:
$ cat ~/.chef/knife.rb
log_level :info
log_location STDOUT
node_name 'knife-user1'
client_key '/root/.chef/knife-user1.pem'
validation_client_name 'chef-validator'
validation_key '/root/.chef/admin.pem'
chef_server_url 'https://chef-server.example.com:443/'
syntax_check_cache_path '/root/.chef/syntax_check_cache'
d) Verify the install by running the following commands to ensure that every chef-client and user was registered correctly.
$ knife client list
chef-validator
chef-webui
$ knife user list
admin
knife-user1
III) Chef Node Installation
- Run the following command that appears (for UNIX and Linux environments):
# curl -L https://www.opscode.com/chef/install.sh | bash
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
101 6790 101 6790 0 0 3826 0 0:00:01 0:00:01 --:--:-- 12190
Downloading Chef for el...
Installing Chef
warning: /tmp/tmp.KnyQTnqz/chef-.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
Preparing... ########################################### [100%]
1:chef ########################################### [100%]
Thank you for installing Chef!
- Create the Chef Directory.
# mkdir /etc/chef
- Copy Chef Server Validation Cert Keys from Chef Server to your Node at “/etc/chef”:
# scp root@chef-server:/etc/chef-server/chef-validator.pem /etc/chef
- Log in to the Chef client node and run the following command so that the client registers itself with Chef Server:
# chef-client -S https://FQDN-OR-IP-OF-CHEF-SERVER -K /etc/chef/chef-validator.pem
- Once the client is verified, we need to create a “client.rb” file inside “/etc/chef”.
# vi /etc/chef/client.rb
log_level :info
log_location STDOUT
chef_server_url 'https://FQDN-OR-IP-OF-CHEF-SERVER'
- Verify the Node is successfully registered with Chef Server using:
a) From Workstation Machine:
# knife node list
b) From Chef Server Web UI (Node List):
# https://FQDN-OR-IP-OF-CHEF-SERVER
- Run the Chef Client to check whether the respective cookbooks (recipes) are pushed to that node:
# chef-client
# chef-client -l debug (in case you want to debug)
- Start the chef-client so that it polls the Chef Server every 3600 seconds for changes:
# chef-client -i 3600
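The workstation and node steps above copy admin.pem and chef-validator.pem into ~/.chef and /etc/chef, so the state of those directories is worth checking once registration is done. The script below is an added example, not part of the original tutorial: audit_chef_keys is a hypothetical helper that flags private keys with any group/other permission bits and a validator key still present after the node has its own client.pem (the key chef-client writes on first registration).

```bash
#!/bin/bash
# Added example (not from the original tutorial). audit_chef_keys is a
# hypothetical helper name. Usage: bash audit_chef_keys.sh /etc/chef
# Prints one finding per line; the exit status is the number of findings.
audit_chef_keys() (
    dir=$1
    findings=0
    [ -d "$dir" ] || { echo "MISSING_DIR $dir"; exit 1; }

    # 1) Private keys must carry no group/other permission bits (mode 0600
    #    or stricter). Characters 5-10 of the ls mode string are those bits.
    for f in "$dir"/*.pem; do
        [ -f "$f" ] || continue
        bits=$(ls -ld "$f" | cut -c5-10)
        if [ "$bits" != "------" ]; then
            echo "LOOSE_PERMS $f"
            findings=$((findings + 1))
        fi
    done

    # 2) Once client.pem exists the node has its own identity. The shared
    #    validator key can register new clients, so it should not stay on
    #    the node. validation.pem is chef-client's default name for it.
    if [ -f "$dir/client.pem" ]; then
        for f in "$dir"/*validator*.pem "$dir/validation.pem"; do
            [ -f "$f" ] || continue
            echo "STALE_VALIDATOR $f"
            findings=$((findings + 1))
        done
    fi
    exit "$findings"
)

# Run against the directory given on the command line, if any.
if [ "$#" -gt 0 ]; then
    audit_chef_keys "$1"
    exit $?
fi
```

Run it with /etc/chef on a node or ~/.chef on the workstation; an exit status of 0 means no findings.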
Thank you for writing this series. You saved me hours of work. This is a well written, useful, and accurate tutorial and guide. I think it’s better than Chef’s own install guide. You may want to include a mention of opening TCP port 443 in iptables on the chef server machine. That was an obvious step to many of us but may be overlooked by some beginners.
Excellent tutorial Sachin. Thank you very much!
Can you also include steps of how to create cookbooks/recipes using CHEF server UI instead of from workstation ?
very nicely done. I have been struggling to configure the server and node for several days. Finally found this and it saved my day.
If you want to configure Chef on a different port other than 80 & 443, please create the following file and
then run “chef-server-ctl reconfigure”
===============================================
cat > /etc/chef-server/chef-server.rb <<EOF
lb['api_fqdn'] = "Machine_Name"
nginx['enable_non_ssl'] = true
nginx['non_ssl_port'] = "HTTP_PORT"
nginx['ssl_port'] = "HTTPS_PORT"
EOF
==============================================
Note: Please update Machine Name, http & https port number (Eg: Machine_Name: test01.xactlycorporation.local, HTTP_PORT: 4000, HTTPS_PORT: 4443)
Thank you for writing this concise and useful article. Actually, I followed another source in conjunction with this (my company’s training) and was able to make a neat installation.
Some commands to verify the installation were very useful.